Patch-ID# 103885-02
Keywords: account keyboard lockup security console authenticate NIS+ password
Synopsis: CDE 1.0.1_x86 dtlogin: patch for login authentication issues
Date: Oct/28/96

Solaris Release: 2.4_x86 2.5_x86

SunOS Release: 5.4_x86 5.5_x86

Unbundled Product: CDE

Unbundled Release: 1.0.1_x86

Relevant Architectures: i386

Xref: This patch available for SPARC as patch 103884

BugId's fixed with this patch: 1205631 1253624 1258143 4005735

Changes incorporated in this version: 4005735

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch: 

	/usr/dt/bin/dtlogin
	/usr/dt/config/dtconfig.rc

Problem Description: 

    4005735 CDE 1.1 dtlogin on Solaris 2.4 (and 1.0.x patch) has serious security hole

    Incorporated from previous patch:
    1205631 Dtlogin failed to detect an expired account
    1253624 keyboard lockup fix for console logins
    1258143 authenticate NIS+ passwords longer than 8 characters 

Patch Installation Instructions: 
-------------------------------- 
Refer to the Install.info file for instructions on using the
generic 'installpatch' and 'backoutpatch' scripts provided with
each patch.  Any other special or non-generic installation
instructions should be described below as special instructions.

Special Install Instructions: 
----------------------------- 

None.